Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/ig6cKQ233SlQ_YSD8F0kBggltUI.roa
File: ig6cKQ233SlQ_YSD8F0kBggltUI.roa (raw, json)
Hash identifier: zq2USShFgnzPd5HfbJ4cfa1JMEQ8S7H7uigbjXq0kW0=
Subject key identifier: 8A:0E:9C:29:0D:B7:DD:29:50:FD:84:83:F0:5D:24:06:08:25:B5:42
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019EFB5B28DE8F4CA8083DBDEDFEE0F58812
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/ig6cKQ233SlQ_YSD8F0kBggltUI.roa
Signing time: Wed 24 Jun 2026 20:38:35 +0000
ROA not before: Wed 24 Jun 2026 20:38:35 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 197574
IP address blocks: 31.56.186.0/24 maxlen: 24
31.56.187.0/24 maxlen: 24
31.59.143.0/24 maxlen: 24
31.59.150.0/24 maxlen: 24
217.60.32.0/24 maxlen: 24
217.60.33.0/24 maxlen: 24
217.60.34.0/24 maxlen: 24
217.60.35.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 27 Jun 2026 11:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:fb:5b:28:de:8f:4c:a8:08:3d:bd:ed:fe:e0:f5:88:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jun 24 20:38:35 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8a0e9c290db7dd2950fd8483f05d24060825b542
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:2a:7d:6c:b8:34:fd:89:29:b2:df:2a:e3:73:
e1:12:4b:68:8e:41:22:0f:db:38:f2:19:ff:80:4c:
4c:58:66:57:ff:a6:1b:16:e1:0b:34:c8:e1:4e:f3:
fa:a7:49:a5:90:aa:2f:eb:a3:93:57:c2:25:cc:e3:
7c:28:81:16:e5:bd:56:23:de:9c:ad:25:cc:bf:a3:
9c:11:40:97:7b:6e:0b:23:cc:f9:f8:15:dc:e8:2a:
b7:2b:f3:d4:0e:57:a3:c2:b2:ce:9e:c8:ce:2f:17:
92:4f:bf:6f:77:29:a5:94:de:22:ba:a7:ad:bc:7c:
c3:51:96:9b:fb:3f:e8:37:7d:83:b1:e3:aa:02:13:
30:94:1e:96:48:8c:aa:a6:c5:70:c0:d4:a6:02:94:
26:c6:2c:d8:85:0b:10:ae:09:cb:b0:9e:61:bb:23:
cb:a1:00:c8:10:14:bb:62:65:39:0f:88:90:63:d0:
80:7b:56:dc:ab:0e:f7:b3:09:de:67:b7:87:eb:dd:
fd:73:66:3e:44:f4:2c:30:a9:a3:b5:bb:f9:74:c7:
ac:8f:fa:6e:c6:0a:e3:16:b5:03:bd:87:55:e3:66:
70:2c:94:c4:0d:91:6d:e6:c8:f1:7e:dd:d3:1e:48:
f9:d6:35:a9:4d:04:21:72:dc:ca:6f:84:29:56:86:
3d:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:0E:9C:29:0D:B7:DD:29:50:FD:84:83:F0:5D:24:06:08:25:B5:42
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/ig6cKQ233SlQ_YSD8F0kBggltUI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.186.0/23
31.59.143.0/24
31.59.150.0/24
217.60.32.0/22
Signature Algorithm: sha256WithRSAEncryption
05:3c:e7:41:3c:6d:29:86:40:a7:bc:43:b9:8c:90:8e:94:e2:
23:bf:79:40:f6:51:43:e1:6b:0f:50:3c:a6:bf:ed:e2:6e:a3:
0e:e5:c1:41:0a:1a:29:62:ab:31:c8:9a:73:2d:ce:3b:8f:31:
85:2d:33:d3:62:b2:51:fd:46:a4:59:71:6a:e0:70:30:27:55:
6d:1f:d7:a1:85:9f:d7:f4:81:1e:6a:96:c5:91:72:69:c4:61:
3c:6c:0a:d2:00:6e:3a:50:b2:5f:5e:75:05:0e:20:70:8c:dc:
20:99:4d:4c:8f:07:f1:da:c4:1d:8c:12:89:d8:dd:3a:e8:37:
b9:3b:fd:3e:c2:28:8b:4f:8a:50:50:d0:4e:2c:02:4c:7c:3c:
33:ff:a2:47:c3:e6:94:ce:e1:6d:03:7c:f8:87:ef:c1:fa:b1:
69:a5:e9:04:45:6e:69:13:cb:e1:d9:d3:22:58:3e:ec:a0:61:
6a:ac:07:b6:6b:57:90:a0:98:7c:b1:97:fb:07:22:1e:14:66:
ee:69:3e:63:da:fc:82:d8:51:8f:f1:d9:26:71:3d:26:59:ea:
c0:f2:c2:01:09:21:f0:b6:21:4a:1a:a8:ed:bb:b5:90:45:09:
54:3c:be:a5:3b:75:56:b2:d6:9a:55:3a:97:e7:8f:c3:cd:60:
86:20:92:b2
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ77Wyjej0yoCD297f7g9YgSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwNjI0MjAzODM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTBlOWMyOTBkYjdkZDI5NTBmZDg0ODNmMDVkMjQwNjA4MjViNTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsSp9bLg0/Ykpst8q43PhEktojkEi
D9s48hn/gExMWGZX/6YbFuELNMjhTvP6p0mlkKov66OTV8IlzON8KIEW5b1WI96c
rSXMv6OcEUCXe24LI8z5+BXc6Cq3K/PUDlejwrLOnsjOLxeST79vdymllN4iuqet
vHzDUZab+z/oN32DseOqAhMwlB6WSIyqpsVwwNSmApQmxizYhQsQrgnLsJ5huyPL
oQDIEBS7YmU5D4iQY9CAe1bcqw73swneZ7eH6939c2Y+RPQsMKmjtbv5dMesj/pu
xgrjFrUDvYdV42ZwLJTEDZFt5sjxft3THkj51jWpTQQhctzKb4QpVoY90QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIoOnCkNt90pUP2Eg/BdJAYIJbVCMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvaWc2Y0tRMjMzU2xRX1lTRDhGMGtCZ2dsdFVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBHzi6AwQA
HzuPAwQAHzuWAwQC2TwgMA0GCSqGSIb3DQEBCwUAA4IBAQAFPOdBPG0phkCnvEO5
jJCOlOIjv3lA9lFD4WsPUDymv+3ibqMO5cFBChopYqsxyJpzLc47jzGFLTPTYrJR
/UakWXFq4HAwJ1VtH9ehhZ/X9IEeapbFkXJpxGE8bArSAG46ULJfXnUFDiBwjNwg
mU1Mjwfx2sQdjBKJ2N066De5O/0+wiiLT4pQUNBOLAJMfDwz/6JHw+aUzuFtA3z4
h+/B+rFppekERW5pE8vh2dMiWD7soGFqrAe2a1eQoJh8sZf7ByIeFGbuaT5j2vyC
2FGP8dkmcT0mWerA8sIBCSHwtiFKGqjtu7WQRQlUPL6lO3VWstaaVTqX54/DzWCG
IJKy
-----END CERTIFICATE-----
Generated at Fri Jun 26 17:00:48 2026 by rpki-client